[BUG] template variable dump works in v3.3.4 but doesn't in 3.3.5 and 3.3.6 #5916

theMiddleBlue · 2024-12-16T15:58:21Z

Is there an existing issue for this?

I have searched the existing issues.

Current Behavior

Trying to dump the template variable in flow using version 3.3.5 and 3.3.6 results in a different behaviour than 3.3.4. Basically log(template) works only on versions <=3.3.4.

Expected Behavior

print the dump of template variable to stdout

[JS] 	1. http_1_accept_ranges => bytes
	2. http_1_age => 410100
	3. http_1_all_headers => HTTP/1.1 200 OK  Connecti .... ncoding  X-Cache: HIT    
	4. http_1_body => <!doctype html> <html> <h .... > </div> </body> </html> 
	5. http_1_cache_control => max-age=604800
	6. http_1_content_length => 1256
	7. http_1_content_type => text/html; charset=UTF-8
	8. http_1_date => Mon, 16 Dec 2024 15:43:25 GMT
	9. http_1_duration => 0.258018543
	10. http_1_etag => "3147526947"
	11. http_1_expires => Mon, 23 Dec 2024 15:43:25 GMT
	12. http_1_header => HTTP/1.1 200 OK  Connecti .... ncoding  X-Cache: HIT    
	13. http_1_host => http://example.com
	14. http_1_last_modified => Thu, 17 Oct 2019 07:18:26 GMT
	15. http_1_matched => http://example.com
	16. http_1_request => GET / HTTP/1.1  Host: exa .... Accept-Encoding: gzip    
	17. http_1_response => HTTP/1.1 200 OK  Connecti .... > </div> </body> </html> 
	18. http_1_server => ECAcc (nyd/D179)
	19. http_1_status_code => 200
	20. http_1_type => http
	21. http_1_vary => Accept-Encoding
	22. http_1_x_cache => HIT

Steps To Reproduce

Step to reproduce

create an example template:

id: test-log-flow

info:
  name: Test log flow
  author: theMiddle
  severity: info
  description: test
  tags: test


flow: |
  http(1);
  log(template);

http:
  - method: GET
    path:
      - "{{BaseURL}}"
    redirects: true
    matchers:
    - type: status
      internal: true
      status:
        - 200

  - method: GET
    path:
      - "{{BaseURL}}"
    redirects: true
    matchers:
      - type: status
        internal: true
        status:
          - 200

Running the template with 3.3.6:

$ docker run --rm -v $PWD/test.yaml:/tmp/test.yaml projectdiscovery/nuclei:v3.3.6 -t /tmp/test.yaml -u 'http://example.com'

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.6

		projectdiscovery.io

[INF] nuclei-templates are not installed, installing...
[INF] Successfully installed nuclei-templates at /root/nuclei-templates
[INF] Current nuclei version: v3.3.6 (outdated)
[INF] Current nuclei-templates version: v10.1.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 114
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[JS]

Running the template with 3.3.5:

$ docker run --rm -v $PWD/test.yaml:/tmp/test.yaml projectdiscovery/nuclei:v3.3.5 -t /tmp/test.yaml -u 'http://example.com'
Unable to find image 'projectdiscovery/nuclei:v3.3.5' locally
v3.3.5: Pulling from projectdiscovery/nuclei
619be1103602: Already exists 
d374077e328f: Pull complete 
33c8b80ee389: Pull complete 
Digest: sha256:cdb478b86aeb88def5453f18ab92d80d83c989de033c62f6b83881e701c3567e
Status: Downloaded newer image for projectdiscovery/nuclei:v3.3.5

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.5

		projectdiscovery.io

[INF] nuclei-templates are not installed, installing...
[INF] Successfully installed nuclei-templates at /root/nuclei-templates
[INF] Current nuclei version: v3.3.5 (outdated)
[INF] Current nuclei-templates version: v10.1.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 114
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[JS]

Running the template with 3.3.4:

$ docker run --rm -v $PWD/test.yaml:/tmp/test.yaml projectdiscovery/nuclei:v3.3.4 -t /tmp/test.yaml -u 'http://example.com'
Unable to find image 'projectdiscovery/nuclei:v3.3.4' locally
v3.3.4: Pulling from projectdiscovery/nuclei
619be1103602: Already exists 
b3ef80a98b08: Pull complete 
4fa7e9d3bb78: Pull complete 
Digest: sha256:b390880a58f75efa5d893e0b0036f6570c7c1f05dbd9c1ebed766355b70e24d9
Status: Downloaded newer image for projectdiscovery/nuclei:v3.3.4

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.4

		projectdiscovery.io

[INF] nuclei-templates are not installed, installing...
[INF] Successfully installed nuclei-templates at /root/nuclei-templates
[INF] Current nuclei version: v3.3.4 (outdated)
[INF] Current nuclei-templates version: v10.1.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 114
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[JS] 	1. http_1_accept_ranges => bytes
	2. http_1_age => 410100
	3. http_1_all_headers => HTTP/1.1 200 OK  Connecti .... ncoding  X-Cache: HIT    
	4. http_1_body => <!doctype html> <html> <h .... > </div> </body> </html> 
	5. http_1_cache_control => max-age=604800
	6. http_1_content_length => 1256
	7. http_1_content_type => text/html; charset=UTF-8
	8. http_1_date => Mon, 16 Dec 2024 15:43:25 GMT
	9. http_1_duration => 0.258018543
	10. http_1_etag => "3147526947"
	11. http_1_expires => Mon, 23 Dec 2024 15:43:25 GMT
	12. http_1_header => HTTP/1.1 200 OK  Connecti .... ncoding  X-Cache: HIT    
	13. http_1_host => http://example.com
	14. http_1_last_modified => Thu, 17 Oct 2019 07:18:26 GMT
	15. http_1_matched => http://example.com
	16. http_1_request => GET / HTTP/1.1  Host: exa .... Accept-Encoding: gzip    
	17. http_1_response => HTTP/1.1 200 OK  Connecti .... > </div> </body> </html> 
	18. http_1_server => ECAcc (nyd/D179)
	19. http_1_status_code => 200
	20. http_1_type => http
	21. http_1_vary => Accept-Encoding
	22. http_1_x_cache => HIT

Relevant log output

Environment

- OS: Ubuntu
- Nuclei: 3.3.6
- Go: go version go1.23.4 linux/amd64

Anything else?

No response

The text was updated successfully, but these errors were encountered:

theMiddleBlue added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Dec 16, 2024

ehsandeep assigned dogancanbakir Dec 16, 2024

dogancanbakir linked a pull request Dec 18, 2024 that will close this issue

fix var dump #5921

Open

4 tasks

ehsandeep added this to the Nuclei v3.3.9 milestone Jan 9, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG] template variable dump works in v3.3.4 but doesn't in 3.3.5 and 3.3.6 #5916

[BUG] template variable dump works in v3.3.4 but doesn't in 3.3.5 and 3.3.6 #5916

theMiddleBlue commented Dec 16, 2024

[BUG] template variable dump works in v3.3.4 but doesn't in 3.3.5 and 3.3.6 #5916

[BUG] template variable dump works in v3.3.4 but doesn't in 3.3.5 and 3.3.6 #5916

Comments

theMiddleBlue commented Dec 16, 2024

Is there an existing issue for this?

Current Behavior

Expected Behavior

Steps To Reproduce

Step to reproduce

Relevant log output

Environment

Anything else?